Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1630

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2015-1630
Last Modified 17 Mar 2015 10:05:21
Published 11 Mar 2015 06:59:33
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-1630

Summary

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Audit Report Cross Site Scripting Vulnerability."

Vulnerable Systems

Application

  • Microsoft Exchange Server 2013


References

MS - MS15-026

SECTRACK - 1031900

Related Patches

MS15-026 Security Update For Exchange Server 2013 SP1 (KB3040856)

MS15-026 Security Update For Exchange Server 2013 CU7 (KB3040856)


Last Updated: 27 May 2016 11:08:04